Warning: TradePulse script has a vulnerability

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • DarkJedi
    No Refunds Issued.
    • Feb 2001
    • 28301

    #1

    Warning: TradePulse script has a vulnerability

    Apparently Trade Pulse script has some hole and a lot of people have been victims of infection.

    Someone injects a code into websites that use TradePulse, which redirects US people to some shady affiliate programs.

    Discussion here: http://forum.scriptpulse.com/index.p...ic,1260.0.html

    Screenshot of the injected code: http://clip2net.com/s/1am55

    One of the programs that accepts this stolen traffic: http://www.ptp123.com/


    Script developers still can't find a way to fix it.

    Last edited by DarkJedi; 09-10-2011, 09:40 AM.
  • blackmonsters
    Making PHP work
    • Nov 2002
    • 20961

    #2
    Originally posted by Dark_Jedi
    Apparently Trade Pulse script has some hole and a lot of people have been victims of infection.

    Someone injects a code into websites that use TradePulse, which redirects US people to some shady affiliate programs.

    Discussion here: http://forum.scriptpulse.com/index.p...ic,1260.0.html

    Screenshot of the injected code: http://clip2net.com/s/1am55

    One of the programs that accepts this stolen traffic: http://www.ptp123.com/


    Script developers still can't find a way to fix it.

    If the developers can't fix the script then it might not be the script.
    Servers can be insecure also.
    The script would be the obvious thing to attack once the server is already hacked.
    Free Open Source Live Aggregated Cams Script (FOSLACS)

    Comment

    • DarkJedi
      No Refunds Issued.
      • Feb 2001
      • 28301

      #3
      Originally posted by blackmonsters
      If the developers can't fix the script then it might not be the script.
      Servers can be insecure also.
      The script would be the obvious thing to attack once the server is already hacked.
      Idiot.

      /facepalm

      Comment

      • Dubya
        So Fucking Banned
        • Feb 2008
        • 1152

        #4
        Switch your sites to TE DJ.

        Comment

        • blackmonsters
          Making PHP work
          • Nov 2002
          • 20961

          #5
          Originally posted by Dark_Jedi
          Idiot.

          /facepalm
          Yeah right.

          I thought a script was being hacked but changed hosting because it was found that
          the server was being hacked through SSH. They had an old version installed.

          And try reading the word "might" in my post.


          Foolish idiot.
          Free Open Source Live Aggregated Cams Script (FOSLACS)

          Comment

          • Matyko
            PsyHead
            • Aug 2005
            • 8681

            #6
            any news about this one? where is the author? where are the webmasters affected by this?
            I just got my first 8-10 TP installs to test if its ok for us or not... --> Wipe?
            -=- Register with our ref link and we help you with the setup! -=-
            AdSpyglass.com - Double your profit from brokers

            Comment

            • Adraco
              Confirmed User
              • May 2009
              • 3745

              #7
              Originally posted by Matyko
              any news about this one? where is the author? where are the webmasters affected by this?
              I just got my first 8-10 TP installs to test if its ok for us or not... --> Wipe?
              I would definitely wipe everything, just to be safe, as long as it's any sites you care for and want to treat good.
              ----------------------------------------------------------------------------------
              The truth is not affected by the beliefs, or doubts, of the majority.

              Comment

              Working...